As turns out this PoC is nothing more that a malicious use of legit functions.
If it is an exploit it is one that rely on user interaction.
Poisoning the clipboard can produce a result only if the user doesn't notice that the pasted content is not what he copied.
It is something similiar in concept to
Display different text on status bar of hyperlink of all browsers where the user click on a link thinking the alternate text in the statusbar would be the URL he will be redirected to.
It would be about the same thing as forging a link like
http://www.google.com/ to point to a totally different site (in this specific case looking at the statusbar prove useful enough).
The
clipboard poisoning PoC doesn't work as stated in the
zdnet articleThis has happened to me twice now, on two separate computers at work. My clipboard has been hijacked with this:
[ malicious URL deleted ]
And once it’s in the clipboard, I can’t copy anything else over it until I’ve restarted the machine.
Maybe the real baddie does something like that but the PoC does not require a reboot. The user need to close only the tab with the PoC page and he will be able to copy anything to the clipboard without having that overwritten again.
To mimic that flash PoC a simple html page with javascript would be enough. Flash is not an indispensable requirement.
Clipboard Protection in this case should not be addressed by CFP. This is a browser based issue.
Even if CFP will handle it many legit sites need that functionality and CFP act at the application level.
If some sort of protection is added to web browser then it would be possible to disable clipboard access on a per site basis.
eg: Opera does this for statusbar javascript access.
Author